LinuxQuestions.org

arrruken 10-02-2003 02:31 AM

iptables and NAT
 
OK, I don't like posting without research beforehand, but I can't find any basic tutorials on this. I have a Gentoo box with two NICs. It is gonna be the router for my network, among other things. eth0 is connected directly to my DSL modem, and the modem is forwarding all ports to eth0. eth1 is going to a switch, which two other PCs are connected to.
setup:
dsl modem(192.168.1.254) ----> eth0(192.168.1.100)<Linux>eth1(192.168.0.1) ---> switch
                                                                                  |---> pc(192.168.0.10)
                                                                                  |---> pc(192.168.0.11)

iptables is supported by the kernel, and is loaded.
IP forwarding is enabled. eth1 is set as the default gateway for the PCs. I can't start iptables because there are no rules. I need to know exactly which files to add and modify so that iptables has a basis to start. I don't care about any firewall functions right now. Just NAT and IP masquerading so that the PCs can connect to the net. There is no rc.d directory on Gentoo or rc.local. The problem is every tutorial is for Red Hat (ugh). The only iptables config files are in /etc/init.d and /etc/conf.d. The iptables program is in /sbin/iptables along with iptables-restore and iptables-save.
So again, the thing I need to know is where are the config files I need to add and modify, and what are the basic commands I need to add to set up NAT and IP masquerading. Basic meaning forwarding all ports to and from eth0 to eth1. Thanks

arrruken 10-02-2003 08:10 AM

Doesn't anyone know?

ivanatora 10-02-2003 09:06 AM

There aren't config files for iptables, I think.. and you won't make it with only a few 'basic commands'. I suggest you read the '$ man iptables' carefully, and especially the MASQUERADING section.. there's a MASQ-HOWTO in your documentation directory, too. Read it, there are a lot of useful things.
Here's the 'basic command' that you could explore:
Code:

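# Let replies to connections opened from the LAN back in from the modem side (eth0)
iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT
# Let LAN hosts (eth1) open new connections out through eth0
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
# Rewrite the source address of packets leaving via eth0, the interface facing the modem
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE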


arrruken 10-02-2003 09:44 AM

Thanks, but I can't use commands until iptables is working. It is set to run at boot, and when it tries it says it can't start, there are no rules, create some rules first. So I need to know which files are needed and why it won't start. But thx anyway

Blindsight 10-02-2003 10:18 AM

iptables
 
ivanatora is indeed right. There are no config files for iptables. However, there are two programs called iptables-save and iptables-restore. iptables-save outputs a config type file that's really just a cat of your iptable rules with some extra schtuff in it like packet counters and whatnot.
It's fine if iptables' startup in Gentoo shiz's the bed. It doesn't mean iptables won't work. It only means the saved iptables-save file didn't load on startup. You can still use the rules ivanatora suggested to set up ip masq by typing those rules, just as he/she/it suggested.
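Added example, not part of the thread or of any poster's setup: a shell sketch that writes a NAT ruleset in the text format iptables-save prints and iptables-restore reads, then checks it before anything is loaded. It assumes the first post's layout (eth0 toward the modem, eth1 toward the switch) and a FORWARD policy of DROP; the function names are made up for this example.

```shell
#!/bin/sh
# Added example. Assumptions: eth0 = WAN (modem side), eth1 = LAN (switch side),
# FORWARD policy DROP. gen_nat_ruleset and check_nat_ruleset are hypothetical names.

# Print a ruleset in iptables-save format: one "*table" section per table,
# chain policies on ":" lines, rules as "-A ..." lines, each table closed by COMMIT.
gen_nat_ruleset() {
    wan=$1; lan=$2
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o $wan -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -i $wan -o $lan -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $lan -o $wan -j ACCEPT
COMMIT
EOF
}

# Read a ruleset on stdin; succeed only if it masquerades on the WAN interface
# and nowhere else, forwards WAN-side traffic only for known connections,
# and closes every table with COMMIT.
check_nat_ruleset() {
    awk -v wan="$1" '
        /-j MASQUERADE/ { if ($0 ~ ("-o " wan " ")) nat_ok++; else bad++ }
        /^-A FORWARD/ && $0 ~ ("-i " wan " ") && !/--state ESTABLISHED,RELATED/ { bad++ }
        /^\*/      { tables++ }
        /^COMMIT$/ { commits++ }
        END { exit !(nat_ok == 1 && bad == 0 && tables > 0 && tables == commits) }
    '
}

# Dry run: prints a verdict only, nothing is loaded into the kernel.
# To apply as root: gen_nat_ruleset eth0 eth1 | iptables-restore
if gen_nat_ruleset eth0 eth1 | check_nat_ruleset eth0; then
    echo "ruleset OK"
else
    echo "ruleset rejected"
fi
```

Swapping the two interface names makes the check fail, because the masquerade rule then sits on the LAN side and the WAN-side FORWARD rule accepts new connections.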

Bambi 10-02-2003 12:48 PM

You said
"i cant start iptables because there are no rules."

Is this true?

arrruken 10-02-2003 08:25 PM

Yes, right now. There was something wrong with my kernel and what I was trying to do. It's being worked on now.

ehdwuld 10-02-2003 08:28 PM

http://www.linux-sxs.org/security/ip...-tutorial.html

arrruken 10-03-2003 04:17 AM

Thx, but in the end it boiled down to iptables not working right, not my config. No matter what me or, to a greater extent, Blindsight (who posted up there), through ssh, tried to do, iptables would not work. It was not a simple config problem. iptables was just jacked up. In the end I decided to ditch Gentoo in favor of a distro I know better, Slackware. Now I know this wasn't Gentoo's fault, but it got kicked to the curb anyway. It's too bad because I actually liked it a lot; it was faster than any distro I've ever tried and everything was fine except iptables. But I have been workin on gettin everything set up the way I like it for a week straight, and that's just too long. Maybe I'll try Gentoo again once I know iptables a little better, exactly what the kernel needs to support, and what dependencies it has on other programs/services. For those of you not understanding me, try out Gentoo...

